From: Girish Moodalbail
Date: Wed, 25 Oct 2017 00:23:04 -0700
> Double free of skb_array in tap module is causing kernel panic. When
> tap_set_queue() fails we free skb_array right away by calling
> skb_array_cleanup(). However, later on skb_array_cleanup() is called
> again by tap_sock_destruct
On 2017年10月25日 15:23, Girish Moodalbail wrote:
Double free of skb_array in tap module is causing kernel panic. When
tap_set_queue() fails we free skb_array right away by calling
skb_array_cleanup(). However, later on skb_array_cleanup() is called
again by tap_sock_destruct through sock_put(). T
Double free of skb_array in tap module is causing kernel panic. When
tap_set_queue() fails we free skb_array right away by calling
skb_array_cleanup(). However, later on skb_array_cleanup() is called
again by tap_sock_destruct through sock_put(). This patch fixes that
issue.
Fixes: 362899b8725b35e
